Privacy Panic Focuses on Wrong Issues

Privacy concerns, which are increasingly part of the online safety discussion, need to be based on real, not imagined dangers.

by Larry Magid

Lately I’ve gotten a sense that lots of Internet users are suffering from “privacy panic,” not unlike the “predator panic” that plagued the Internet a few years ago when lots of people falsely believed that children faced a grave risk of being sexually abused by Internet predators.

The problem with these panics is they tend to be based on extreme and often rare cases, or just plain myths. And they tend to focus attention on the wrong issues. A few years ago, obsession by the media and certain politicians with rare cases of predation distracted attention from much more likely risks, such as cyberbullying. Lately, fears of a loss of privacy at the hands of big Internet companies such as Google and Facebook have been obscuring more serious privacy issues that get less attention.

For example, a few months ago it was revealed that the cars that drive around taking pictures of buildings for Google Street View were also collecting data from unsecured Wi-Fi networks. Google said the data collection was unintentional and that it never used that data. Critics accused Google of deliberately spying on people’s Wi-Fi networks, leading to official government investigations on both sides of the Atlantic.

The furor over this alleged attack on privacy was silly. To begin with, data was collected only from unsecured networks. Most people now know to put some type of encryption on their Wi-Fi networks, and those who don’t face risks a lot more serious than a Google car driving by accidentally collecting snippets as it passes the house. It’s no surprise to me that the United Kingdom’s Information Commissioner’s Office found it “unlikely that Google will have captured significant amounts of personal data,” and further found “no evidence — as yet — that the data captured by Google has caused or could cause any individual detriment.”If you want to be paranoid, why worry about tiny amounts of unencrypted data picked up by passing vehicles? You’d be better off worrying about the data Google really does have access to. That includes not only what people search for but also the incoming and outgoing e-mail messages from millions of Gmail users and literally everything people do with Android phones — e-mail, text messages, Web surfing and even phone calls.

If Google wanted to get evil about user privacy, it could do a great deal of damage. What I worry about is not so much what Google is now doing with this data but what could happen if some future U.S. government or law enforcement officials conjured up ways to access Google servers.

There has also been paranoia about Facebook privacy policies. It’s true that Facebook has raised suspicions on more than one occasion by abruptly changing its privacy policies, making them too complicated and at times reaching too far. That’s why the company in May acknowledged its mistakes, backed away from some of its policies and streamlined its privacy settings. But at least Facebook has been transparent about the information it shares, and gives users control over most of the information they share with friends or the public.

Facebook is often accused of harvesting reams of data about users that it shares with advertisers. I suppose it could do that, but it doesn’t, not only because it would violate the company’s privacy policy but because it would be a bad business decision. Why turn over member information to advertisers when you can make more money by displaying their ads? Once the advertiser had that information, it would no longer need to advertise on Facebook. It makes business sense for Facebook to keep it confidential.

Facebook readily admits that it targets ads to members based on demographic information, just as Google admits that it targets ads based on people’s search queries or the content of their Gmail. That’s how these companies are able to offer free services — by making lots of money with highly targeted advertising.

I’m not suggesting that people shouldn’t be vigilant about Google and Facebook’s privacy policies. It’s important not only to be aware of their current policies but to keep abreast of any changes they might make in the future. The same goes for other companies you do business with, especially your bank, credit card companies, health insurance company, phone companies and even the grocery stores where you use loyalty cards.

It’s also important to be aware of cookies that can track your whereabouts on the Web. And, most of all, it’s important to be cautious of what you say online, especially in public forums.

There is a role for regulators, politicians and the media to keep companies accountable for protecting privacy, but what these parties do about privacy should be based on reasonable concerns, not paranoid fantasies and urban legends.

Disclosure: Google and Facebook are supporters of Connect Safely.org, a nonprofit Internet safety organization where I serve as co-director.